{"report_id":"1872f00d-ad2b-47cc-94d3-36f5620c0c7f","version":6,"status":"done","tags":[],"date":"2026-03-06T06:52:18Z","url":{"schema":"http","addr":"rover-app.org","fqdn":"rover-app.org","domain":"rover-app.org","tld":"org"},"ip":{"addr":"151.247.193.142","port":0,"asn":0,"as":"","country":"Iran","country_code":"IR"},"final":{"url":{"schema":"https","addr":"rover-app.org/","fqdn":"rover-app.org","domain":"rover-app.org","tld":"org"},"title":"RoVer","dom":{"size":73781,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (391)","md5":"2fb68447b2ea13631a51d0199a2b54f9","sha1":"311a846cc4f2f0f72ee70e07a97d53909379c132","sha256":"2383cfcce906a26e647399cc879d54ea4538dc20479904895faee8f82c5eff3a","sha512":"122777844ad1906c8427fdee9053ec93054c0e0fccea1f5f7a58279d0d149b427524a2e46a038ba5f0bac3df6ab6797f711b68038351d02873cf04513cd7fafa","ssdeep":"768:7ixBfaTVplRhf/mGFHLiesG9MpjGGlMkMc/2ClW+RFFg+gUmwZ8g1ioMBzodMXw:+x0pPkMc/2H+RngnXw","tlshash":"847331194973e29d1c63941e23e15e231270e403ad05fb9f3bff81a48f4bad464dae66","dom_hash":"domhash2b11a2f8eff9e18844fef29f1807198b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"rover-app.org","fqdn":"rover-app.org","domain":"rover-app.org","tld":"org"},"ip":{"addr":"151.247.193.142","port":0,"asn":0,"as":"","country":"Iran","country_code":"IR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-10T06:52:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-06","alert":"Phishing Block","trigger":"rover-app.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-03-01T22:18:12.522658Z","alert_count":0,"request_count":1,"received_data":3391,"sent_data":454,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2026-03-01T22:33:58.871316Z","alert_count":0,"request_count":1,"received_data":31565,"sent_data":429,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.251.142.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-03-01T22:15:00.771016Z","alert_count":0,"request_count":2,"received_data":34110,"sent_data":1064,"comment":"","tags":null,"fingerprints":null},{"fqdn":"rover-app.org","ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"domain_registered":"2026-01-20","domain_rank":0,"first_seen":"2026-03-06T06:52:19.091915Z","last_seen":"2026-03-06T06:52:19.091915Z","alert_count":18,"request_count":6,"received_data":269060,"sent_data":2669,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]}]},{"fqdn":"cloudflareinsights.com","ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":895,"first_seen":"2020-10-23T05:27:50Z","last_seen":"2026-03-04T20:34:40.124586Z","alert_count":0,"request_count":2,"received_data":635,"sent_data":1035,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"rover-app.org/","fqdn":"rover-app.org","domain":"rover-app.org","tld":"org"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":true,"md5":"f89ef5da8043fb70eacbb4d7d4b5115d","sha1":"c2bf1870ff8e6a0b009eeac2931543f26c72293b","sha256":"425d6e664e8eb6738305dde8e2a8e1267b4cb88af8575fbd15619f826ff31a66","sha512":"f0d7740c5e50e6fe16c77d3e794e51df92b2d225e27522925668e5afe905c7b8344f3fe191d2a184f2d35c429feb9b738d21da5c1fbe354a49d515148313dd35","ssdeep":"","tlshash":"14e0eb0bf02c01b18c2f58dba0c14ada79e080bb0bc8e041782e41ac0b31d3934efaec","size":325,"data":"","first_seen":"2026-03-06T06:52:22.875838Z","last_seen":"2026-03-06T07:00:02.4109Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rover-app.org/","fqdn":"rover-app.org","domain":"rover-app.org","tld":"org"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":true,"md5":"4dcc46f258f2e0e01a5d63c0bfa41eb4","sha1":"872c508a5b8d96fc9520e18afabeb5bc173a63a0","sha256":"3ec2c65bef65d9ca43901bade11cf6b4bf9b5ce5ece4edb9817e77cb1c4b8cc1","sha512":"ff714e4dc1862222f13c04409b16eeab937267184a90cb947e6285c2b7e0d1719d9fc0b2e518d8411d6c63c06b8c538d432c64ca9af8a9cbd5b03c5257495035","ssdeep":"","tlshash":"83518bb55eb21534a12b016f27cb69443700b0abf644ea7839fcc29a5fd0d90a2637bd","size":2554,"data":"","first_seen":"2026-03-06T06:52:22.876663Z","last_seen":"2026-03-06T07:00:02.411872Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f67ea9205c3ca7c9e04582d3b9bdd1d","sha1":"d3b68ad3eb88d3db3d843211d4905143c3bff281","sha256":"4b77eae349a8cbcea7133cf3640a64ebf1f69d54d8f6469d7be6fdc188ca4ca4","sha512":"f034bbae022b026821045c28393ba371fe83f6b5ef1fcc66f0943525ad3587d417f04cd795d8accee7d86b82057ca74b50a4d3ae74855cb0e4504393ad943c42","ssdeep":"384:BXi1f+hZCIy1f84QDRuT9WKw00QmLnivMt+BERzR0c744BKJKe0620vFjOkcXo9g:+V584QlIrw6OPIJJtFjj09N","tlshash":"bce218eeb591b13603f7a072447f210b733ab56264494408e21bd6c22c78eeed257fad","size":31169,"data":"","first_seen":"2026-02-19T19:35:51.221473Z","last_seen":"2026-06-08T10:26:47.398684Z","times_seen":78103,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rover-app.org/","fqdn":"rover-app.org","domain":"rover-app.org","tld":"org"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"introduction_type":"scriptElement","is_inline":true,"md5":"8ce237992dbaa67490f863f9f91902bf","sha1":"92fd3b94ab77ec87bb20d66d49ed838045e82246","sha256":"00aaca9604b521d09315ed12007ce19d3e0c9902520e0c5d411291033547ebac","sha512":"58ea212ebe700bb5ca357afe97fd9fd30b9de923219891e9408deb02b5d42c74e85c6f7923cbea7b3c811f3e27721bee6bf5697d411a7b56e593997a9a4f82cb","ssdeep":"","tlshash":"89c0808fb6ee161002dfdd77047b9f4c3434800d4804070c3d2cc5d01d38d66e407945","size":180,"data":"","first_seen":"2026-03-06T06:52:22.877719Z","last_seen":"2026-03-06T07:00:02.412891Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.gstatic.com/s/oxygen/v16/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.142.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rover-app.org/","date":"2026-03-06T06:51:57.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/oxygen/v16/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rover-app.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 16152\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 04 Mar 2026 15:16:23 GMT\r\nexpires: Thu, 04 Mar 2027 15:16:23 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 04 Sep 2025 17:08:52 GMT\r\ncontent-type: font/woff2\r\nage: 142535\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16152,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16152, version 1.0","md5":"233b219a1a4059fef591a77b01a04cae","sha1":"1f7e0508041ab3f009343e7b2fa119c10ae9907c","sha256":"4414b63c51aaef6d5d77ef9b45d9a936e476ad3a9902e046cf7cb8af05ce72bc","sha512":"12063b60fc3e15769370d063aabcb06c8f586af7fed476247c16a91b95ccdaa48747d72576b32b0dec6639fa48c2848d948983e3a17876ceed3ec668efae1285","ssdeep":"384:0pmXmslQc1mSrtvli0I0k7aG0tbu/zMtpozw0xYkkP:omXmsHdr7i0ZMaG0tburMtpqVW","tlshash":"b572e019aba02e0f78038bb312035954f34be55fed0bf7fa1d2aa191766bc003557996","first_seen":"2025-09-05T07:00:18.503878Z","last_seen":"2026-06-08T08:17:55.236661Z","times_seen":3542,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":54,"dns":1,"connect":8,"send":0,"wait":9,"receive":2,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rover-app.org/glyph-BPKPYTDI.svg","fqdn":"rover-app.org","domain":"rover-app.org","tld":"org"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rover-app.org/","date":"2026-03-06T06:51:58.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rover-app.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 19:03:06 GMT","end":"Mon, 20 Apr 2026 19:03:05 GMT"},"fingerprint":{"sha1":"55:4B:82:BE:DE:7A:F2:6A:9D:35:56:83:8F:6E:39:3C:86:3C:9B:AD","sha256":"4C:3B:C8:2F:2F:16:76:1F:EA:FA:12:4A:14:E0:FC:45:75:37:2A:BA:1D:8E:D8:7F:28:F0:DE:3A:68:31:52:51"}}},"request":{"raw":"GET /glyph-BPKPYTDI.svg HTTP/1.1\r\nHost: rover-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rover-app.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 06 Mar 2026 06:51:58 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 665\r\nEggy-Wall: 12.5\r\nAbuse: abuse@eggywall.cc\r\nX-Cache: HIT\r\nLast-Modified: Fri, 31 May 2024 12:54:07 GMT\r\nEtag: \"6659c86f-299\"\r\nX-Cache-Url: https://rover-app.org/glyph-BPKPYTDI.svg\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":665,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"86a5cf3f034b3f0376bbf0759ae26d36","sha1":"867b34eebb34783a09c2021fd2b6c08dab4eae51","sha256":"c8e82ecfe9961ead21468c9f64b9958a361c5e08a31716f0c030a174d243cb7a","sha512":"31c2ac58d646094c77217f8d3a9dab79b1d5f0206c873bf04c2ea9e07ca56b08568b57e5f782803ade65a7ad8806a75e2d42414d422c149242cd91c01e330e8e","ssdeep":"","tlshash":"3001996ee7257e3a70132be4af59e5a14153f0d6e11a10c8e0e46133634ae69b012b61","first_seen":"2025-11-08T16:17:31.185131Z","last_seen":"2026-05-30T22:40:13.703205Z","times_seen":15,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-06","alert":"Phishing Block","trigger":"rover-app.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cloudflareinsights.com/cdn-cgi/rum","fqdn":"cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rover-app.org/","date":"2026-03-06T06:51:58.135Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 17 Feb 2026 14:29:28 GMT","end":"Mon, 18 May 2026 15:29:15 GMT"},"fingerprint":{"sha1":"8B:A9:51:50:78:B2:5E:75:31:54:23:BC:80:D6:CA:53:34:E5:CD:8F","sha256":"AF:D9:FB:4F:B0:E1:BD:80:DF:22:93:A7:4A:99:5B:50:0A:BE:47:59:37:98:C6:BF:C5:DF:8D:8F:F0:8D:FD:23"}}},"request":{"raw":"OPTIONS /cdn-cgi/rum HTTP/1.1\r\nHost: cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://rover-app.org/\r\nOrigin: https://rover-app.org\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 06:51:58 GMT\r\ncontent-type: text/plain\r\naccess-control-allow-origin: https://rover-app.org\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-allow-headers: Content-Type\r\naccess-control-max-age: 86400\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-ray: 9d7f6f587fdb3181-OSL\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T12:34:25.437902Z","times_seen":16239334,"resource_available":true,"data":null}},"time_used":60,"timings":{"blocked":21,"dns":1,"connect":1,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Poppins|Oxygen:400,700","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rover-app.org/","date":"2026-03-06T06:51:57.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:01 GMT","end":"Mon, 27 Apr 2026 08:38:00 GMT"},"fingerprint":{"sha1":"AD:23:3E:9B:CF:2B:A1:EC:31:14:63:D1:58:73:BB:E7:C5:32:16:8C","sha256":"B1:5F:45:BF:00:8C:68:35:D3:42:B2:67:66:47:9D:BB:42:41:07:56:3A:C4:1C:D6:10:7B:B7:53:C2:71:81:33"}}},"request":{"raw":"GET /css?family=Poppins|Oxygen:400,700 HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rover-app.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 06 Mar 2026 06:51:57 GMT\r\ndate: Fri, 06 Mar 2026 06:51:57 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2705,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"04f496f1476ada4bc17ddb68f5810f1f","sha1":"ef34cd0783bec0f0e0bc866e9e92ce0764dbb0dc","sha256":"1513c1b40ad1eb5f4430c3f5198d006d77afacf2b6d835ae9d025b1adf40db71","sha512":"750c0a86ea76fb925d4b6528684aa8317c64aad26c2c057a97d96e4c9456188112976617d5b706d61e58184392eec48da67c9d696019b09ad78414b019ba1860","ssdeep":"","tlshash":"4951cd920c7be514a7930cc522ce7d33ef0e62517445a834aefe1c98bca7d659362b1d","first_seen":"2025-11-08T16:17:31.179616Z","last_seen":"2026-03-06T07:00:02.400083Z","times_seen":9,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":93,"dns":1,"connect":20,"send":0,"wait":32,"receive":0,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rover-app.org/index-Z3GN4FTR.css","fqdn":"rover-app.org","domain":"rover-app.org","tld":"org"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://rover-app.org/","date":"2026-03-06T06:51:57.772Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rover-app.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 19:03:06 GMT","end":"Mon, 20 Apr 2026 19:03:05 GMT"},"fingerprint":{"sha1":"55:4B:82:BE:DE:7A:F2:6A:9D:35:56:83:8F:6E:39:3C:86:3C:9B:AD","sha256":"4C:3B:C8:2F:2F:16:76:1F:EA:FA:12:4A:14:E0:FC:45:75:37:2A:BA:1D:8E:D8:7F:28:F0:DE:3A:68:31:52:51"}}},"request":{"raw":"GET /index-Z3GN4FTR.css HTTP/1.1\r\nHost: rover-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rover-app.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 06 Mar 2026 06:51:57 GMT\r\nContent-Type: text/css\r\nContent-Encoding: gzip\r\nContent-Length: 704\r\nEggy-Wall: 12.5\r\nAbuse: abuse@eggywall.cc\r\nX-Cache: HIT\r\nX-Cache-Url: https://rover-app.org/index-Z3GN4FTR.css\r\nLast-Modified: Fri, 31 May 2024 12:54:07 GMT\r\nEtag: W/\"6659c86f-5e9\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1513,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"54aebd5706d8e94a865a854cf1db6b72","sha1":"3143bf0bd4ee927c6973dc2877fe421320233baa","sha256":"9e3ac2d469dc1b6fc06e7c193b776dd8de4914f0c82af1cdb9eff773e06ee7f5","sha512":"8eeb47ec29bbcab615f7ee48f98906b51dfad9761a60d4fc5a6cfc7020cd2e769be78afea236ad2a8a73b73addc243a2979f56ee98f4dd3476b604aa02798ef5","ssdeep":"","tlshash":"9231dc10fea3bb82a63384bf33dad6962b386017401aea0c7ee277544f4a14755e039d","first_seen":"2025-11-08T16:17:31.189008Z","last_seen":"2026-03-06T07:00:02.406324Z","times_seen":9,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":32,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-06","alert":"Phishing Block","trigger":"rover-app.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rover-app.org/logo-white-NE2GPYXA.svg","fqdn":"rover-app.org","domain":"rover-app.org","tld":"org"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rover-app.org/","date":"2026-03-06T06:51:57.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rover-app.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 19:03:06 GMT","end":"Mon, 20 Apr 2026 19:03:05 GMT"},"fingerprint":{"sha1":"55:4B:82:BE:DE:7A:F2:6A:9D:35:56:83:8F:6E:39:3C:86:3C:9B:AD","sha256":"4C:3B:C8:2F:2F:16:76:1F:EA:FA:12:4A:14:E0:FC:45:75:37:2A:BA:1D:8E:D8:7F:28:F0:DE:3A:68:31:52:51"}}},"request":{"raw":"GET /logo-white-NE2GPYXA.svg HTTP/1.1\r\nHost: rover-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rover-app.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 06 Mar 2026 06:51:57 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 1815\r\nEggy-Wall: 12.5\r\nAbuse: abuse@eggywall.cc\r\nX-Cache-Url: https://rover-app.org/logo-white-NE2GPYXA.svg\r\nEtag: \"6659c86f-717\"\r\nLast-Modified: Fri, 31 May 2024 12:54:07 GMT\r\nAccept-Ranges: bytes\r\nX-Cache: HIT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1815,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d840e77082e80d3ac0c1c3a2daaab60a","sha1":"ba15904dc09f4b3590b93b0b57fe706c2ee5bbb0","sha256":"e14679ae98b51601357ab91b9ae7efc75399e2868fbc9cfe77874abcb8ed4664","sha512":"aa5eff1528aceb280bd669a48da2124751a978f9937ecc7d693b8b22c04491b53442397e06270c04f35da57e27413de13061d8f696119bf978d95b68b61b3fb8","ssdeep":"","tlshash":"0931b57ee6297a3c700247e4d728d471725fb99f72116368c0f856326347e2dd4a2ea3","first_seen":"2025-11-08T16:17:31.18218Z","last_seen":"2026-05-30T22:40:13.705126Z","times_seen":15,"resource_available":false,"data":null}},"time_used":291,"timings":{"blocked":123,"dns":0,"connect":38,"send":0,"wait":39,"receive":0,"ssl":50},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-06","alert":"Phishing Block","trigger":"rover-app.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rover-app.org/imaginary-menagerie-ZA3ZLRJS.svg","fqdn":"rover-app.org","domain":"rover-app.org","tld":"org"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://rover-app.org/","date":"2026-03-06T06:51:57.775Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rover-app.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 19:03:06 GMT","end":"Mon, 20 Apr 2026 19:03:05 GMT"},"fingerprint":{"sha1":"55:4B:82:BE:DE:7A:F2:6A:9D:35:56:83:8F:6E:39:3C:86:3C:9B:AD","sha256":"4C:3B:C8:2F:2F:16:76:1F:EA:FA:12:4A:14:E0:FC:45:75:37:2A:BA:1D:8E:D8:7F:28:F0:DE:3A:68:31:52:51"}}},"request":{"raw":"GET /imaginary-menagerie-ZA3ZLRJS.svg HTTP/1.1\r\nHost: rover-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rover-app.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 06 Mar 2026 06:51:57 GMT\r\nContent-Type: image/svg+xml\r\nContent-Length: 10025\r\nEggy-Wall: 12.5\r\nAbuse: abuse@eggywall.cc\r\nX-Cache-Url: https://rover-app.org/imaginary-menagerie-ZA3ZLRJS.svg\r\nEtag: \"6659c86f-2729\"\r\nAccept-Ranges: bytes\r\nX-Cache: HIT\r\nLast-Modified: Fri, 31 May 2024 12:54:07 GMT\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10025,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3c9d139726f0d7903974c705d492f85a","sha1":"85859b1df60372ba2ae27e043c65fac31f8aebdd","sha256":"59270755ca46fe4f9689a8467cf18aa8c0dda1b45a659f36ea8530a01aa41a7e","sha512":"84258c2601b26a7166e6657c0769389b87cb02779e5dd53e47ff377d89f9805b27a6af0a9ac2ee891fda0522e9871ed61d0124ac413c39f9fa920ffb1967db40","ssdeep":"192:HRrTEEskgakZfh6Vxq4juEiCKTwcaRYU+SEn:xcxdZ6VLrmwcuYU+9","tlshash":"132267ca6720f28869d3edddff444895311e90ffda6bc78181deca2655d39a1eb09c40","first_seen":"2025-11-08T16:17:31.191924Z","last_seen":"2026-05-30T22:40:13.692436Z","times_seen":15,"resource_available":false,"data":null}},"time_used":160,"timings":{"blocked":121,"dns":0,"connect":0,"send":0,"wait":38,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-06","alert":"Phishing Block","trigger":"rover-app.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.80.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rover-app.org/","date":"2026-03-06T06:51:57.776Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 17 Feb 2026 14:29:28 GMT","end":"Mon, 18 May 2026 15:29:15 GMT"},"fingerprint":{"sha1":"8B:A9:51:50:78:B2:5E:75:31:54:23:BC:80:D6:CA:53:34:E5:CD:8F","sha256":"AF:D9:FB:4F:B0:E1:BD:80:DF:22:93:A7:4A:99:5B:50:0A:BE:47:59:37:98:C6:BF:C5:DF:8D:8F:F0:8D:FD:23"}}},"request":{"raw":"GET /beacon.min.js HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rover-app.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 06:51:57 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2026.2.0\"\r\nlast-modified: Thu, 19 Feb 2026 17:45:24 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 9d7f6f5658315ebd-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":31169,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (31169), with no line terminators","md5":"4f67ea9205c3ca7c9e04582d3b9bdd1d","sha1":"d3b68ad3eb88d3db3d843211d4905143c3bff281","sha256":"4b77eae349a8cbcea7133cf3640a64ebf1f69d54d8f6469d7be6fdc188ca4ca4","sha512":"f034bbae022b026821045c28393ba371fe83f6b5ef1fcc66f0943525ad3587d417f04cd795d8accee7d86b82057ca74b50a4d3ae74855cb0e4504393ad943c42","ssdeep":"384:BXi1f+hZCIy1f84QDRuT9WKw00QmLnivMt+BERzR0c744BKJKe0620vFjOkcXo9g:+V584QlIrw6OPIJJtFjj09N","tlshash":"bce218eeb591b13603f7a072447f210b733ab56264494408e21bd6c22c78eeed257fad","first_seen":"2026-02-19T19:35:51.221473Z","last_seen":"2026-06-08T10:26:47.398684Z","times_seen":78103,"resource_available":true,"data":null}},"time_used":92,"timings":{"blocked":36,"dns":21,"connect":1,"send":0,"wait":11,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/oxygen/v16/2sDfZG1Wl4LcnbuKjk0m.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.251.142.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rover-app.org/","date":"2026-03-06T06:51:57.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/oxygen/v16/2sDfZG1Wl4LcnbuKjk0m.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://rover-app.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 16288\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 05 Mar 2026 01:47:23 GMT\r\nexpires: Fri, 05 Mar 2027 01:47:23 GMT\r\ncache-control: public, max-age=31536000\r\nage: 104675\r\nlast-modified: Thu, 04 Sep 2025 17:08:56 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":16288,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 16288, version 1.0","md5":"205f35f3d41b09dc8c60b4a17a0078e7","sha1":"d945c292ad20d91ddbf29c9aed09fa78da66c3c5","sha256":"cb77b974327584a478f8579490a5f118da52f1062e00b5ad31cb4dc5444efb37","sha512":"ce34eaec1dc4c39bec163f492d2ece57035b749149f82fd0a2a3a310e7feffa38ef5090cc9cb70b261c12fe39b734a1133b4d85b65d567e8f84c7e9d228f88ce","ssdeep":"384:n9r224rYCfSQ+kNLYq+kI7oCsY0w0bKpY8YaUhqMDaj:nA24rR+Scq3I7oX4Y8bUtDaj","tlshash":"fe72d0321d02117cf3615b25e01cfc9ead4c7857b15886b93d69bd030a63bdefa4e6a1","first_seen":"2025-09-05T00:54:03.60612Z","last_seen":"2026-06-08T08:17:55.231692Z","times_seen":4443,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":59,"dns":1,"connect":21,"send":0,"wait":9,"receive":2,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cloudflareinsights.com/cdn-cgi/rum","fqdn":"cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rover-app.org/","date":"2026-03-06T06:51:58.167Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 17 Feb 2026 14:29:28 GMT","end":"Mon, 18 May 2026 15:29:15 GMT"},"fingerprint":{"sha1":"8B:A9:51:50:78:B2:5E:75:31:54:23:BC:80:D6:CA:53:34:E5:CD:8F","sha256":"AF:D9:FB:4F:B0:E1:BD:80:DF:22:93:A7:4A:99:5B:50:0A:BE:47:59:37:98:C6:BF:C5:DF:8D:8F:F0:8D:FD:23"}}},"request":{"raw":"POST /cdn-cgi/rum HTTP/1.1\r\nHost: cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 626\r\nOrigin: https://rover-app.org\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rover-app.org/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":626,"data":"{\"memory\":{},\"resources\":[],\"referrer\":\"\",\"eventType\":1,\"firstPaint\":0,\"firstContentfulPaint\":610,\"startTime\":1772779917386,\"versions\":{\"js\":\"2026.2.0\",\"timings\":2},\"pageloadId\":\"6ac2db3c-0b16-46f1-a2ca-a2689a02a38a\",\"location\":\"https://rover-app.org/\",\"nt\":\"navigate\",\"timingsV2\":{\"nextHopProtocol\":\"http/1.1\",\"domainLookupStart\":20,\"domainLookupEnd\":77,\"connectStart\":77,\"connectEnd\":164,\"requestStart\":164,\"responseStart\":202,\"responseEnd\":280,\"domInteractive\":568,\"domComplete\":706,\"loadEventStart\":706,\"loadEventEnd\":707,\"transferSize\":74248,\"decodedBodySize\":73888},\"siteToken\":\"f14e7643b0b64ce288215918ec88c288\",\"st\":2}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 06 Mar 2026 06:51:58 GMT\r\nserver: cloudflare\r\ncf-ray: 9d7f6f5888223181-OSL\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T12:34:25.437902Z","times_seen":16239334,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rover-app.org/","fqdn":"rover-app.org","domain":"rover-app.org","tld":"org"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-06T06:51:57.406Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rover-app.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 19:03:06 GMT","end":"Mon, 20 Apr 2026 19:03:05 GMT"},"fingerprint":{"sha1":"55:4B:82:BE:DE:7A:F2:6A:9D:35:56:83:8F:6E:39:3C:86:3C:9B:AD","sha256":"4C:3B:C8:2F:2F:16:76:1F:EA:FA:12:4A:14:E0:FC:45:75:37:2A:BA:1D:8E:D8:7F:28:F0:DE:3A:68:31:52:51"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: rover-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 06 Mar 2026 06:51:57 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 73888\r\nEggy-Wall: 12.5\r\nAbuse: abuse@eggywall.cc\r\nVary: Accept-Encoding\r\nAccept-Ranges: bytes\r\nLast-Modified: Wed, 04 Mar 2026 15:04:49 GMT\r\nX-Cache: HIT\r\nX-Cache-Url: https://rover-app.org/\r\nEtag: \"120a0-64c3424349eb5-gzip\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73888,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (391)","md5":"d8cdd7b13396519cdc33d8b5b8cac3e8","sha1":"ea81431a7aba86742f49fb3b60c8bc408c0847fd","sha256":"f0fc2f20fcf901d623befe749ad6b20d70a9b6edca5c25043af8b1dc69589cc4","sha512":"232c20f2511f005524439b552d539677ee7c48d53978092ba25839ca01c20346b3e0c8beb8d945ab1046aaafce992da3c625746de14e21cc3151d2d518e94a10","ssdeep":"768:tgxBfaTVplRhf/mGFHLiesG9MpjGGlMkMc/2ClW+RFFg+gUmwZ8g1OuOBfodMxp:+x0pPkMc/2H+Rng1xp","tlshash":"ac7321194973e29d1c63941a23e15e231270e403ad05fb9f3bff81a48f4bad464dae66","first_seen":"2026-03-06T06:52:22.873695Z","last_seen":"2026-03-06T07:00:02.398142Z","times_seen":4,"resource_available":false,"data":null}},"time_used":404,"timings":{"blocked":144,"dns":57,"connect":38,"send":0,"wait":38,"receive":78,"ssl":46},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-06","alert":"Phishing Block","trigger":"rover-app.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rover-app.org/index-LG3B7WR4.js","fqdn":"rover-app.org","domain":"rover-app.org","tld":"org"},"ip":{"addr":"151.247.193.142","port":443,"asn":0,"as":"","country":"Iran","country_code":"IR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rover-app.org/","date":"2026-03-06T06:51:57.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rover-app.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 20 Jan 2026 19:03:06 GMT","end":"Mon, 20 Apr 2026 19:03:05 GMT"},"fingerprint":{"sha1":"55:4B:82:BE:DE:7A:F2:6A:9D:35:56:83:8F:6E:39:3C:86:3C:9B:AD","sha256":"4C:3B:C8:2F:2F:16:76:1F:EA:FA:12:4A:14:E0:FC:45:75:37:2A:BA:1D:8E:D8:7F:28:F0:DE:3A:68:31:52:51"}}},"request":{"raw":"GET /index-LG3B7WR4.js HTTP/1.1\r\nHost: rover-app.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rover-app.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 06 Mar 2026 06:51:57 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Encoding: gzip\r\nContent-Length: 51154\r\nEggy-Wall: 12.5\r\nAbuse: abuse@eggywall.cc\r\nX-Cache-Url: https://rover-app.org/index-LG3B7WR4.js\r\nLast-Modified: Fri, 31 May 2024 12:54:07 GMT\r\nX-Cache: HIT\r\nEtag: W/\"6659c86f-2bb93\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":179091,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (763)","md5":"def38e33418a003976c541680bb93336","sha1":"555d70dba0043b4af21295dca594bd7caccab686","sha256":"ed160b00bd7a9cb8db9e7cc8bb18259079e15abdbba1c665d42065de0ffedecb","sha512":"c168ae35bfd2823b040131779493da06c2d19bc236f50bfb9bc00917ca32b236eaf86ddecbc19cd1287c8c1ba29241b0b632d7a533a9ff37bd62e72a920f4014","ssdeep":"3072:/Djr+DpMzYuXp6nf8tg0eOrorororororP:L8qz3p6nEtxeOrorororororP","tlshash":"26044148baf638319617b039493fd809b276585b254dde047d0ca2f85f6c43c97bafa8","first_seen":"2026-03-06T06:52:22.874704Z","last_seen":"2026-03-06T07:00:02.401384Z","times_seen":6,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-03-06","alert":"Phishing Block","trigger":"rover-app.org","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-03-06","alert":"Sinkholed","trigger":"rover-app.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}